Reference documentation and code samples for the Google Cloud Policy Simulator V1 Client class ExplainedPolicy.
Details about how a specific IAM Policy contributed to the access check.
Generated from protobuf message google.cloud.policysimulator.v1.ExplainedPolicy
Namespace
Google \ Cloud \ PolicySimulator \ V1Methods
__construct
Constructor.
Parameters | |
---|---|
Name | Description |
data |
array
Optional. Data for populating the Message object. |
↳ access |
int
Indicates whether this policy provides the specified permission to the specified principal for the specified resource. This field does not indicate whether the principal actually has the permission for the resource. There might be another policy that overrides this policy. To determine whether the principal actually has the permission, use the |
↳ full_resource_name |
string
The full resource name that identifies the resource. For example, |
↳ policy |
Google\Cloud\Iam\V1\Policy
The IAM policy attached to the resource. If the user who created the Replay does not have access to the policy, this field is empty. |
↳ binding_explanations |
array<Google\Cloud\PolicySimulator\V1\BindingExplanation>
Details about how each binding in the policy affects the principal's ability, or inability, to use the permission for the resource. If the user who created the Replay does not have access to the policy, this field is omitted. |
↳ relevance |
int
The relevance of this policy to the overall determination in the TroubleshootIamPolicyResponse. If the user who created the Replay does not have access to the policy, this field is omitted. |
getAccess
Indicates whether this policy provides the specified permission to the specified principal for the specified resource.
This field does not indicate whether the principal actually has the
permission for the resource. There might be another policy that overrides
this policy. To determine whether the principal actually has the
permission, use the access
field in the
TroubleshootIamPolicyResponse.
Returns | |
---|---|
Type | Description |
int |
setAccess
Indicates whether this policy provides the specified permission to the specified principal for the specified resource.
This field does not indicate whether the principal actually has the
permission for the resource. There might be another policy that overrides
this policy. To determine whether the principal actually has the
permission, use the access
field in the
TroubleshootIamPolicyResponse.
Parameter | |
---|---|
Name | Description |
var |
int
|
Returns | |
---|---|
Type | Description |
$this |
getFullResourceName
The full resource name that identifies the resource. For example,
//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance
.
If the user who created the Replay does not have access to the policy, this field is omitted. For examples of full resource names for Google Cloud services, see https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
Returns | |
---|---|
Type | Description |
string |
setFullResourceName
The full resource name that identifies the resource. For example,
//compute.googleapis.com/projects/my-project/zones/us-central1-a/instances/my-instance
.
If the user who created the Replay does not have access to the policy, this field is omitted. For examples of full resource names for Google Cloud services, see https://cloud.google.com/iam/help/troubleshooter/full-resource-names.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getPolicy
The IAM policy attached to the resource.
If the user who created the Replay does not have access to the policy, this field is empty.
Returns | |
---|---|
Type | Description |
Google\Cloud\Iam\V1\Policy|null |
hasPolicy
clearPolicy
setPolicy
The IAM policy attached to the resource.
If the user who created the Replay does not have access to the policy, this field is empty.
Parameter | |
---|---|
Name | Description |
var |
Google\Cloud\Iam\V1\Policy
|
Returns | |
---|---|
Type | Description |
$this |
getBindingExplanations
Details about how each binding in the policy affects the principal's ability, or inability, to use the permission for the resource.
If the user who created the Replay does not have access to the policy, this field is omitted.
Returns | |
---|---|
Type | Description |
Google\Protobuf\Internal\RepeatedField |
setBindingExplanations
Details about how each binding in the policy affects the principal's ability, or inability, to use the permission for the resource.
If the user who created the Replay does not have access to the policy, this field is omitted.
Parameter | |
---|---|
Name | Description |
var |
array<Google\Cloud\PolicySimulator\V1\BindingExplanation>
|
Returns | |
---|---|
Type | Description |
$this |
getRelevance
The relevance of this policy to the overall determination in the TroubleshootIamPolicyResponse.
If the user who created the Replay does not have access to the policy, this field is omitted.
Returns | |
---|---|
Type | Description |
int |
setRelevance
The relevance of this policy to the overall determination in the TroubleshootIamPolicyResponse.
If the user who created the Replay does not have access to the policy, this field is omitted.
Parameter | |
---|---|
Name | Description |
var |
int
|
Returns | |
---|---|
Type | Description |
$this |